CVE-2020-19187

Опубликовано: 22 авг. 2023

Источник: debian

EPSS Низкий

Описание

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ncurses	fixed	6.1+20191019-1		package
ncurses	fixed	6.1+20181013-2+deb10u2	buster	package

Примечания

https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md
Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
CVE-2020-19187 seems to be a duplicate of CVE-2019-17595 but keep distinct for now

EPSS

Процентиль: 89%

0.04825

Низкий

Связанные уязвимости

CVE-2020-19187

CVSS3: 6.5

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVE-2020-19187

CVSS3: 6.5

redhat

почти 7 лет назад

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVE-2020-19187

CVSS3: 6.5

nvd

больше 2 лет назад

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

GHSA-4rcf-8m6c-xh78

CVSS3: 6.5

github

больше 2 лет назад

Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

EPSS

Процентиль: 89%

0.04825

Низкий